32 matches found
CVE-2026-25169
Divide by zero in Microsoft Graphics Component allows an unauthorized attacker to deny service locally...
CVE-2026-25169 Windows Graphics Component Denial of Service Vulnerability
...
CVE-2026-25169
creationtimestamp| type| source ---|---|--- 2026-03-10 16:57:37+00:00| seen| https://www.thezdi.com/blog/2026/3/10/the-march-2026-security-update-review 2026-03-10 19:07:55+00:00| seen| https://advisories.ncsc.nl/advisory?id=NCSC-2026-0080 2026-03-11 03:00:16+00:00| seen|...
CVE-2018-25169
creationtimestamp| type| source ---|---|--- 2026-03-06 14:20:07+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mgfizy6on62u...
CVE-2023-25169
discourse-yearly-review is a discourse plugin which publishes an automated Year in Review topic. In affected versions a user present in a yearly review topic that is then anonymised will still have some data linked to its original account. This issue has been patched in commit b3ab33bbf7 which is...
EUVD-2021-25169
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2022-25169
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The BPG parser in versions of Apache Tika before 1.28.2 and 2.4.0 may allocate an unreasonable amount of memory on carefully crafted files. CVE-2022-25169 Note...
CVE-2022-25169
The BPG parser in versions of Apache Tika before 1.28.2 and 2.4.0 may allocate an unreasonable amount of memory on carefully crafted files...
CVE-2025-25169
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Rachel Cherry Authors Autocomplete Meta Box authors-autocomplete-meta-box allows Reflected XSS.This issue affects Authors Autocomplete Meta Box: from n/a through = 1.2...
CVE-2025-25169
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Rachel Cherry Authors Autocomplete Meta Box authors-autocomplete-meta-box allows Reflected XSS.This issue affects Authors Autocomplete Meta Box: from n/a through = 1.2...
CVE-2025-25169
CVE-2025-25169 affects the WordPress plugin Authors Autocomplete Meta Box (versions
cartridge (>=1.0.0b1 <=1.3.1), cartridge-braintree (>=1.2.1 <=1.2.2) +4 more potentially affected by CVE-2024-25169 via mezzanine (>=3.1.10 <=6.0.0)
mezzanine PYPI version =3.1.10, =1.0.0b1, =1.2.1, =0.0.1, =0.1.0a1, =0.1.0b1, =0.4.1, =0.4.4 Source cves: CVE-2024-25169 Source advisory: OSV:GHSA-QP56-82VP-XQGV...
CVE-2024-25169
creationtimestamp| type| source ---|---|--- 2024-02-28 21:26:57+00:00| seen| https://t.me/ctinow/195879 2024-02-28 21:27:07+00:00| seen| https://t.me/ctinow/195889 2025-02-14 21:08:30+00:00| seen| Telegram/fnZ6kuUhKYBWen0yUkNyLBthmdG5-hP7kk2jSCMHVHXy2lFR...
CVE-2024-25169
An issue in Mezzanine v6.0.0 allows attackers to bypass access control mechanisms in the admin panel via a crafted request...
CVE-2024-25169
The CVE-2024-25169 issue affects Mezzanine v6.0.0, where an attacker can bypass admin-panel access controls through a crafted request, as reported by Red Hat, Veracode, OSV, GHSA, NVD, CNNVD, and others. The consensus description is that an unauthorized user could bypass restrictions in the admin...
CVE-2023-25169
creationtimestamp| type| source ---|---|--- 2023-03-06 20:12:55+00:00| seen| https://t.me/cibsecurity/59497...
CVE-2023-25169 Yearly Review Plugin leaking anonymised users data in discourse-yearly-review
discourse-yearly-review is a discourse plugin which publishes an automated Year in Review topic. In affected versions a user present in a yearly review topic that is then anonymised will still have some data linked to its original account. This issue has been patched in commit b3ab33bbf7 which is...
CVE-2023-25169
CVE-2023-25169 affects the Discourse Yearly Review plugin. In affected versions, a user appearing in a yearly review topic that is later anonymised may still have data linked to the original account. The issue has been patched in commit b3ab33bbf7 and is included in the latest plugin version. Mit...
CVE-2023-25169 Yearly Review Plugin leaking anonymised users data in discourse-yearly-review
discourse-yearly-review is a discourse plugin which publishes an automated Year in Review topic. In affected versions a user present in a yearly review topic that is then anonymised will still have some data linked to its original account. This issue has been patched in commit b3ab33bbf7 which is...
Security Bulletin: IBM Operations Analytics - Log Analysis susceptible to vulnerability in Apache Tika (CVE-2022-25169)
Summary Apache Tika shipped with IBM Operations Analytics - Log Analysis is vulnerable to denial of service,. This has been fixed. Vulnerability Details CVEID:CVE-2022-25169 DESCRIPTION: Apache Tika is vulnerable to a denial of service, caused by improper input validation in the BPG parser. By...